vince

16 oktober 2010

Super, laatste tip werkt prima (usb poorten).

ik krijg tijdens het updaten van windows nog steeds de melding installatie programma voor windows-modules werkt niet meer, hierdoor blijft de update vast hangen en moet ik de pc handmatig opnieuw opstarten waarna ik weer de update kan uitvoeren en hij weer blijft vast hangen. kunnen we hier ook nog iets mee?

gr Vincent

15 oktober 2010

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 18:42:09, on 15-10-2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18828)

Boot mode: Safe mode with network support

Running processes:

C:\Windows\Explorer.EXE

C:\Windows\helppane.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Mail\WinMail.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Marktplaats - De plek om Nieuwe en Tweedehands spullen te kopen en verkopen

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! UK & Ireland

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll

O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKCU\..\Run: [Device Detector] DevDetect.exe -autorun

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [HyvesDesktop.exe] C:\PROGRA~1\HYVESD~1\bin\HYVESD~1.EXE

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll

O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe

O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe

O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe

O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--

End of file - 5893 bytes

---------- Post toegevoegd om 16:59 ---------- Vorige post was om 16:46 ----------

het gaat de goede kant op maar ik krijg nu tijdens het updaten van windows weer de melding installatie programma voor windows-modules werkt niet meer. ook mijn usb poorten werken nog steeds niet. pc is wel weer een stuk sneller geworden. waarvoor dank! kunnen we nog iets proberen om de andere problemen op te lossen.

ps gelukkig zijn jullie geduldig!

Gr Vince

15 oktober 2010

ComboFix 10-10-14.01 - Demi-D Racing Team 15-10-2010 14:44:40.2.1 - x86

Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.31.1043.18.1023.400 [GMT 2:00]

Gestart vanuit: c:\users\Demi-D Racing Team\Downloads\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Demi-D Racing Team\Desktop\CFScript.txt..txt - Snelkoppeling.lnk

SP: Spyware Doctor *enabled* (Outdated) {1C3EDD79-273E-46ac-99F8-EFA9E7CBC301}

SP: Windows Defender *disabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-09-15 to 2010-10-15 ))))))))))))))))))))))))))))))

.

2010-10-15 12:56 . 2010-10-15 12:56 -------- d-----w- c:\users\Default\AppData\Local\temp

2010-10-15 11:07 . 2010-10-15 11:07 -------- d-----w- c:\users\Demi-D Racing Team\AppData\Local\Hyves

2010-10-15 11:06 . 2010-10-15 11:07 -------- d-----w- c:\program files\Hyves Desktop

2010-10-15 09:52 . 2010-10-15 12:56 -------- d-----w- c:\users\Demi-D Racing Team\AppData\Local\temp

2010-10-14 20:56 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll

2010-10-14 20:56 . 2010-08-20 16:05 867328 ----a-w- c:\windows\system32\wmpmde.dll

2010-10-14 20:56 . 2010-08-31 13:27 2038272 ----a-w- c:\windows\system32\win32k.sys

2010-10-14 20:55 . 2010-08-31 15:46 954752 ----a-w- c:\windows\system32\mfc40.dll

2010-10-14 20:55 . 2010-08-31 15:46 954288 ----a-w- c:\windows\system32\mfc40u.dll

2010-10-14 20:54 . 2010-08-31 15:44 531968 ----a-w- c:\windows\system32\comctl32.dll

2010-10-12 13:29 . 2010-10-12 13:29 388096 ----a-r- c:\users\Demi-D Racing Team\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2010-10-12 12:04 . 2010-10-12 12:04 -------- d-----w- c:\programdata\Driver Whiz

2010-10-12 11:45 . 2010-10-14 20:55 -------- d-----w- c:\windows\system32\catroot2

2010-10-10 11:51 . 2010-10-10 12:02 1884 ----a-w- c:\windows\system32\ASOROSet.bin

2010-10-10 11:40 . 2010-10-10 11:40 -------- d-----w- c:\windows\Repair

2010-10-10 11:40 . 2010-10-15 09:00 -------- d-----w- c:\users\Demi-D Racing Team\AppData\Roaming\PCOptimax

2010-10-06 12:24 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2010-10-06 12:24 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll

2010-10-06 12:24 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll

2010-10-06 12:24 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe

2010-10-06 12:24 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll

2010-10-06 10:54 . 2010-04-16 16:46 502272 ----a-w- c:\windows\system32\usp10.dll

2010-10-06 10:54 . 2010-06-22 13:30 2048 ----a-w- c:\windows\system32\tzres.dll

2010-10-06 10:54 . 2010-08-17 10:52 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat

2010-10-06 10:54 . 2010-06-16 16:04 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys

2010-10-06 10:54 . 2010-05-27 20:08 81920 ----a-w- c:\windows\system32\iccvid.dll

2010-10-06 10:54 . 2010-06-11 16:16 274944 ----a-w- c:\windows\system32\schannel.dll

2010-10-06 10:54 . 2010-08-17 14:11 128000 ----a-w- c:\windows\system32\spoolsv.exe

2010-10-06 10:54 . 2010-06-17 18:08 10926592 ----a-w- c:\program files\Movie Maker\MOVIEMK.dll

2010-10-06 10:53 . 2010-06-17 16:16 150016 ----a-w- c:\program files\Movie Maker\MOVIEMK.exe

2010-10-06 10:53 . 2010-04-05 17:02 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL

2010-10-06 10:53 . 2010-06-18 17:31 36864 ----a-w- c:\windows\system32\rtutils.dll

2010-10-06 10:53 . 2010-06-08 17:35 3600768 ----a-w- c:\windows\system32\ntkrnlpa.exe

2010-10-06 10:53 . 2010-06-08 17:35 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe

2010-10-06 10:53 . 2010-06-11 16:15 1248768 ----a-w- c:\windows\system32\msxml3.dll

2010-10-06 10:53 . 2010-06-18 15:04 302080 ----a-w- c:\windows\system32\drivers\srv.sys

2010-10-06 10:53 . 2010-06-18 15:04 144896 ----a-w- c:\windows\system32\drivers\srv2.sys

2010-10-06 10:53 . 2010-08-26 04:23 13312 ----a-w- c:\program files\Internet Explorer\iecompat.dll

2010-10-06 10:53 . 2010-05-27 20:08 739328 ----a-w- c:\windows\system32\inetcomm.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Device Detector"="DevDetect.exe -autorun" [X]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-10-07 2067808]

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux9"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk]

backup=c:\windows\pss\BTTray.lnk.CommonStartup

backupExtension=.CommonStartup

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk

backup=c:\windows\pss\Empowering Technology Launcher.lnk.CommonStartup

backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk

backup=c:\windows\pss\Logitech SetPoint.lnk.CommonStartup

backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]

backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup

backupExtension=.CommonStartup

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk

[HKLM\~\startupfolder\C:^Users^Demi-D Racing Team^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Productregistratie.lnk]

path=c:\users\Demi-D Racing Team\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Productregistratie.lnk

backup=c:\windows\pss\Logitech . Productregistratie.lnk.Startup

backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detector]

DevDetect.exe -autorun [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]

c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Empowering Technology Monitor]

2006-11-23 14:24 319488 ----a-w- c:\windows\System32\SysMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

2007-03-09 10:09 63712 ----a-w- c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]

2006-11-17 06:26 453120 ----a-w- c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart]

2008-05-11 11:19 5423104 ----a-w- c:\program files\eMule\emule.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]

2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch LCDMon]

2006-11-09 10:45 549376 ----a-w- c:\program files\Common Files\Logitech\LCD Manager\LCDMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia FastStart]

2009-02-26 15:04 2376992 ----a-w- c:\program files\Nokia\Nokia Music\NokiaMusic.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]

2006-11-24 23:57 151552 ------w- c:\acer\Empowering Technology\eMode\PCM\PCMService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2009-09-04 23:54 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

2006-11-09 02:57 3784704 ----a-w- c:\windows\RtHDVCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]

2006-11-05 19:48 57344 ----a-w- c:\acer\WR_PopUp\WarReg_PopUp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]

2006-11-02 09:45 215552 ----a-w- c:\windows\WindowsMobile\wmdSync.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup

"eMuleAutoStart"=c:\program files\eMule\emule.exe -AutoStart

"NokiaOviSuite2"=c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"NokiaMServer"=c:\program files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

R1 ctredr15.sys;ctredr15.sys;c:\windows\system32\drivers\ctredr15.sys [x]

R1 ctredrv.sys;ctredrv.sys;c:\windows\system32\drivers\ctredrv.sys [x]

R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-29 136176]

R3 PID_0920;Logitech QuickCam Express(PID_0920);c:\windows\system32\DRIVERS\LV532AV.SYS [2005-01-31 163328]

R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-15 27192]

S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2010-08-16 216400]

S1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2010-08-16 243024]

S2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-08-16 921952]

S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-08-16 308136]

S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-11-13 1021256]

S3 RTL85n86;Stuurprogramma voor Realtek 8180/8185 Extensible 802.11-draadloos apparaat;c:\windows\system32\DRIVERS\RTL85n86.sys [2006-11-02 311808]

S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

bthsvcs REG_MULTI_SZ BthServ

WindowsMobile REG_MULTI_SZ wcescomm rapimgr

LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

.

Inhoud van de 'Gedeelde Taken' map

2010-10-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-29 10:03]

2010-10-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-29 10:03]

2010-10-14 c:\windows\Tasks\User_Feed_Synchronization-{BCE98746-F5D0-4E13-883F-EE9213C5A443}.job

- c:\windows\system32\msfeedssync.exe [2009-10-15 03:41]

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.marktplaats.nl/

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

mStart Page = hxxp://nl.intl.acer.yahoo.com

uInternet Settings,ProxyOverride = *.local

Trusted Zone: ziggo.nl\thuishelp

Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

.

Binary file temp00 matches

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.032"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.ani"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.apd"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.bay"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.bmp"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.bw"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bwf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.bwf"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cel\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.cel"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.cr2"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.crw"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.cs1"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.cur"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.dcr"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.dcx"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.dib"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.djv"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.djvu"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.dng"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.emf"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.eps"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.erf"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.fff"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flc\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.flc"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fli\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.fli"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.fpx"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.gif"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.icl"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.icn"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.ico"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.iff"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.ilbm"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.int"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.inta"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.iw4"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.j2c"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.j2k"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.jfif"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.jif"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.jp2"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.jpc"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]

@Denied: (2) (S-1-5-21-1529039387-2642620608-3544857530-1000)

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.jpe"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]

@Denied: (2) (S-1-5-21-1529039387-2642620608-3544857530-1000)

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.jpeg"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]

@Denied: (2) (S-1-5-21-1529039387-2642620608-3544857530-1000)

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.jpg"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.jpk"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.jpx"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kar\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.kar"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.lbm"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m15\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.m15"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1a\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.m1a"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2a\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.m2a"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m75\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.m75"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.mos"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.mpv"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.mrw"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.nef"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.orf"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.pbm"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.pcd"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.pct"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.pcx"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.pef"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.pgm"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.pic"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pics\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.pics"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.pict"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.pix"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.png"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.ppm"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.psd"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.psp"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qcp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.qcp"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qtpf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.qtpf"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.raf"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.ras"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.raw"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.rgb"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.rgba"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.rle"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.rsb"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sdv\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.sdv"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sfil\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.sfil"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.sgi"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smf\UserChoice]

@Denied: (2) (S-1-5-21-1529039387-2642620608-3544857530-1000)

@Denied: (2) (LocalSystem)

"Progid"="soffice.StarMathDocument.5"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.sml"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.sr2"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.srf"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.swa\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.swa"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.swf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.swf"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.tga"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.thm"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.tif"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.tiff"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.ttc"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.ttf"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ulw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.ulw"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vfw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.vfw"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.wbm"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.wbmp"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.wmf"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.xbm"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.xif"

[HKEY_USERS\S-1-5-21-1529039387-2642620608-3544857530-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 9.0.xpm"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Voltooingstijd: 2010-10-15 15:02:21

ComboFix-quarantined-files.txt 2010-10-15 13:02

ComboFix2.txt 2010-10-15 09:52

Pre-Run: 22.762.172.416 bytes beschikbaar

Post-Run: 22.891.892.736 bytes beschikbaar

- - End Of File - - 663CB89553082E0A12D3B588E3AFF02B

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 23:57:25, on 14-10-2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18828)

Boot mode: Safe mode with network support

Running processes:

C:\Windows\Explorer.EXE

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\TuneUp Utilities 2010\OneClick.exe

C:\Program Files\Windows Mail\WinMail.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Marktplaats - De plek om Nieuwe en Tweedehands spullen te kopen en verkopen

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! UK & Ireland

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! UK & Ireland

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O1 - Hosts: ::1 localhost

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll

O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKCU\..\Run: [Device Detector] DevDetect.exe -autorun

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [RegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} (Diagnostics ActiveX WebControl) - Help and Support

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll

O20 - AppInit_DLLs: avgrsstx.dll